From dd7e09b2d342060c752a51a4a0b7bf34e91fe023 Mon Sep 17 00:00:00 2001 From: Jacob Weinstock Date: Tue, 3 Jun 2025 19:48:11 -0600 Subject: [PATCH 01/14] Update CAPT playground to use tinkerbell/tinkerbell: This deploys the playground using the new single binary Tinkerbell stack and its Helm chart. This works with a locally built CAPT that has been updated to also use the latest Tinkerbell APIs. This will need to wait for CAPT to have an official release before it can merge. Signed-off-by: Jacob Weinstock --- capt/Taskfile.yaml | 2 +- capt/config.yaml | 8 ++++---- capt/scripts/generate_state.sh | 1 + capt/scripts/update_state.sh | 4 ++++ capt/tasks/Taskfile-capi.yaml | 4 ++-- capt/tasks/Taskfile-create.yaml | 18 +++++++++--------- capt/templates/kustomization-iso.tmpl | 4 ++-- 7 files changed, 23 insertions(+), 18 deletions(-) diff --git a/capt/Taskfile.yaml b/capt/Taskfile.yaml index b05e9b7a..718115d7 100644 --- a/capt/Taskfile.yaml +++ b/capt/Taskfile.yaml @@ -108,7 +108,7 @@ tasks: echo The workload cluster kubeconfig is located at: {{.OUTPUT_DIR}}/{{.CLUSTER_NAME}}.kubeconfig echo echo 1. Watch and wait for the first control plane node to be provisioned successfully: STATE_SUCCESS - echo "KUBECONFIG={{.KIND_KUBECONFIG}} kubectl get workflows -n {{.NAMESPACE}} -w" + echo "KUBECONFIG={{.KIND_KUBECONFIG}} kubectl get workflows -n {{.NAMESPACE}} -o wide -w" echo echo echo 2. Watch and wait for the Kubernetes API server to be ready and responding: diff --git a/capt/config.yaml b/capt/config.yaml index 27145888..0edf9457 100644 --- a/capt/config.yaml +++ b/capt/config.yaml 
@@ -7,16 +7,16 @@ counts: workers: 1 spares: 1 versions: - capt: v0.6.1 - chart: 0.6.1 + capt: v0.6.5 + chart: v0.18.1 kube: v1.29.4 os: 20.04 - kubevip: 0.8.7 + kubevip: 0.9.1 capt: providerRepository: "https://github.com/tinkerbell/cluster-api-provider-tinkerbell/releases" #providerRepository: "/home/tink/repos/tinkerbell/cluster-api-provider-tinkerbell/out/release/infrastructure-tinkerbell" chart: - location: "oci://ghcr.io/tinkerbell/charts/stack" + location: "oci://ghcr.io/tinkerbell/charts/tinkerbell" #location: "/home/tink/repos/tinkerbell/charts/tinkerbell/stack" os: registry: ghcr.io/tinkerbell/cluster-api-provider-tinkerbell diff --git a/capt/scripts/generate_state.sh b/capt/scripts/generate_state.sh index ee0042ef..e4ca878e 100755 --- a/capt/scripts/generate_state.sh +++ b/capt/scripts/generate_state.sh @@ -63,6 +63,7 @@ kind: bridgeName: br-d086780dac6b tinkerbell: vip: 172.18.10.74 + hookosVip: 172.18.10.73 cluster: controlPlane: vip: 172.18.10.75 diff --git a/capt/scripts/update_state.sh b/capt/scripts/update_state.sh index f27a6479..a58627df 100755 --- a/capt/scripts/update_state.sh +++ b/capt/scripts/update_state.sh @@ -30,6 +30,10 @@ function main() { t_lb=$(echo "$NODE_IP_BASE" | awk -F"." '{print $1"."$2"."$3}').$((IP_LAST_OCTET + idx + offset)) yq e -i '.tinkerbell.vip = "'$t_lb'"' "$STATE_FILE" + # set the Tinkerbell HookOS VIP + hookos_vip=$(echo "$NODE_IP_BASE" | awk -F"." '{print $1"."$2"."$3}').$((IP_LAST_OCTET + idx + offset - 1)) + yq e -i '.tinkerbell.hookosVip = "'$hookos_vip'"' "$STATE_FILE" + # set the cluster control plane load balancer IP (VIP) cp_lb=$(echo "$NODE_IP_BASE" | awk -F"." '{print $1"."$2"."$3}').$((IP_LAST_OCTET + idx + offset + 1)) yq e -i '.cluster.controlPlane.vip = "'$cp_lb'"' "$STATE_FILE" diff --git a/capt/tasks/Taskfile-capi.yaml b/capt/tasks/Taskfile-capi.yaml index c266d5a4..fb996daf 100644 --- a/capt/tasks/Taskfile-capi.yaml +++ b/capt/tasks/Taskfile-capi.yaml 
@@ -110,7 +110,7 @@ tasks: VERSIONS_OS: sh: yq eval '.versions.os' {{.STATE_FILE_FQ_PATH}} SSH_AUTH_KEY: - sh: yq eval '.os.sshKey' {{.STATE_FILE_FQ_PATH}} + sh: yq eval '.os.sshKey // "ssh-ed25519 AAAAC3N..."' {{.STATE_FILE_FQ_PATH}} KUBE_VERSION: sh: yq eval '.versions.kube' {{.STATE_FILE_FQ_PATH}} TINKERBELL_VIP: @@ -129,7 +129,7 @@ tasks: BOOTMODE: sh: yq eval '.bootMode' {{.STATE_FILE_FQ_PATH}} KUSTOMIZE_FILE: - sh: "[[ {{.BOOTMODE}} == 'iso' ]] && echo kustomization-iso.tmpl || echo kustomization-netboot.tmpl" + sh: "[[ {{.BOOTMODE}} == 'isoboot' ]] && echo kustomization-iso.tmpl || echo kustomization-netboot.tmpl" sources: - config.yaml generates: diff --git a/capt/tasks/Taskfile-create.yaml b/capt/tasks/Taskfile-create.yaml index ef954f5b..51854c71 100644 --- a/capt/tasks/Taskfile-create.yaml +++ b/capt/tasks/Taskfile-create.yaml @@ -105,6 +105,8 @@ tasks: sh: yq eval '.kind.kubeconfig' {{.STATE_FILE_FQ_PATH}} LB_IP: sh: yq eval '.tinkerbell.vip' {{.STATE_FILE_FQ_PATH}} + LB_IP2: + sh: yq eval '.tinkerbell.hookosVip' {{.STATE_FILE_FQ_PATH}} TRUSTED_PROXIES: sh: KUBECONFIG={{.KUBECONFIG}} kubectl get nodes -o jsonpath='{.items[*].spec.podCIDR}' STACK_CHART_VERSION: 
@@ -117,17 +119,15 @@ tasks: BOOTMODE: sh: yq eval '.bootMode' {{.STATE_FILE_FQ_PATH}} GLOBAL_VARS: - - global.trustedProxies={"{{.TRUSTED_PROXIES}}"} - - global.publicIP={{.LB_IP}} + - trustedProxies={"{{.TRUSTED_PROXIES}}"} + - publicIP={{.LB_IP}} + - artifactsFileServer=http://{{.LB_IP2}}:8080 ISO_VARS: - - stack.hook.extension=both - - smee.iso.enabled=true - - smee.iso.url=http://{{.LB_IP}}:8080/hook-latest-lts-x86_64-efi-initrd.iso - - smee.iso.staticIPAMEnabled=true - - smee.dhcp.enabled=false - - stack.relay.enabled=false + - deployment.envs.smee.dhcpEnabled=false + - hookos.extension=both + - deployment.envs.smee.isoUpstreamURL=http://{{.LB_IP2}}:8080/hook-latest-lts-x86_64-efi-initrd.iso cmds: - - KUBECONFIG="{{.KUBECONFIG}}" helm install {{.CHART_NAME}} {{.LOCATION}} --version "{{.STACK_CHART_VERSION}}" --create-namespace --namespace {{.NAMESPACE}} --wait {{range .GLOBAL_VARS}}--set "{{.}}" {{end}} {{- if eq .BOOTMODE "iso" }} {{- range .ISO_VARS }}--set "{{.}}" {{end}} {{end}} + - KUBECONFIG="{{.KUBECONFIG}}" helm install {{.CHART_NAME}} {{.LOCATION}} --version "{{.STACK_CHART_VERSION}}" --create-namespace --namespace {{.NAMESPACE}} --wait {{range .GLOBAL_VARS}}--set "{{.}}" {{end}} {{- if eq .BOOTMODE "isoboot" }} {{- range .ISO_VARS }}--set "{{.}}" {{end}} {{end}} status: - KUBECONFIG="{{.KUBECONFIG}}" helm list -n {{.NAMESPACE}} | grep -q {{.CHART_NAME}} diff --git a/capt/templates/kustomization-iso.tmpl b/capt/templates/kustomization-iso.tmpl index fba20990..0ad1556e 100644 --- a/capt/templates/kustomization-iso.tmpl +++ b/capt/templates/kustomization-iso.tmpl @@ -14,7 +14,7 @@ patches: path: /spec/template/spec value: bootOptions: - bootMode: iso + bootMode: isoboot isoURL: "http://$TINKERBELL_VIP:7171/iso/:macAddress/hook.iso" hardwareAffinity: required: 
@@ -137,7 +137,7 @@ patches: path: /spec/template/spec value: bootOptions: - bootMode: iso + bootMode: isoboot isoURL: "http://$TINKERBELL_VIP:7171/iso/:macAddress/hook.iso" hardwareAffinity: required: From 323b1825e46c74b0fb6ec78295823e3326e11c31 Mon Sep 17 00:00:00 2001 From: Jacob Weinstock Date: Thu, 10 Jul 2025 10:04:51 -0600 Subject: [PATCH 02/14] Create an SSH key pair when no key is supplied: Because of the way we are templating kubeadm config files, if an ssh public key is not specified we need to generate one. Signed-off-by: Jacob Weinstock --- capt/scripts/generate_state.sh | 18 ++++++++++++++++++ capt/tasks/Taskfile-capi.yaml | 2 +- 2 files changed, 19 insertions(+), 1 deletion(-) diff --git a/capt/scripts/generate_state.sh b/capt/scripts/generate_state.sh index e4ca878e..52bd3982 100755 --- a/capt/scripts/generate_state.sh +++ b/capt/scripts/generate_state.sh @@ -129,6 +129,24 @@ function main() { os_version=$(yq eval '.versions.os' "$state_file") os_version=$(echo "$os_version" | tr -d '.') yq e -i '.os.version = "'$os_version'"' "$state_file" + + # if the sshKey is not set, generate a default one + ssh_key=$(yq eval '.os.sshKey' "$config_file") + if [[ -z $ssh_key ]]; then + rm -rf "$output_dir"/capt-ssh-key* >>"$output_dir"/error.log 2>&1 + ssh-keygen -t ed25519 -f "$output_dir"/capt-ssh-key -N "" -C "capt-playground" >>"$output_dir"/error.log 2>&1 + if [[ $? -ne 0 ]]; then + echo "Error generating SSH key. Check error.log for details." >>"$output_dir"/error.log 2>&1 + exit 1 + fi + ssh_key=$(cat "$output_dir/capt-ssh-key.pub"| tr -d '\n') + if [[ -z $ssh_key ]]; then + echo "Error reading SSH key from $output_dir/capt-ssh-key.pub" >>"$output_dir"/error.log 2>&1 + exit 1 + fi + yq e -i ".os.sshKey = \"$ssh_key\"" "$state_file" + yq e -i ".os.sshKey = \"$ssh_key\"" "$config_file" + fi } main "$@" diff --git a/capt/tasks/Taskfile-capi.yaml b/capt/tasks/Taskfile-capi.yaml index fb996daf..b18f98f9 100644 --- a/capt/tasks/Taskfile-capi.yaml 
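Review bot: The emptiness test `[[ -z $ssh_key ]]` in the block added to `main` does not cover a config.yaml where `os.sshKey` is absent, because `yq eval` prints the literal `null` for a missing key and no key is then generated; `if [[ -z $ssh_key || $ssh_key == "null" ]]; then` handles both cases. The `if [[ $? -ne 0 ]]` branch after `ssh-keygen` looks unreachable if the script runs under `set -e` (not visible in this hunk). Its message is also appended to error.log instead of being printed, so the user sees only a bare exit; `echo "Error generating SSH key, see $output_dir/error.log" >&2` would surface it. The private key is written without a passphrase into `$output_dir`, which deserves a short comment such as `# playground-only key, unencrypted; do not reuse outside this environment`. `main` begins above the hunk.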
+++ b/capt/tasks/Taskfile-capi.yaml @@ -110,7 +110,7 @@ tasks: VERSIONS_OS: sh: yq eval '.versions.os' {{.STATE_FILE_FQ_PATH}} SSH_AUTH_KEY: - sh: yq eval '.os.sshKey // "ssh-ed25519 AAAAC3N..."' {{.STATE_FILE_FQ_PATH}} + sh: yq eval '.os.sshKey' {{.STATE_FILE_FQ_PATH}} KUBE_VERSION: sh: yq eval '.versions.kube' {{.STATE_FILE_FQ_PATH}} TINKERBELL_VIP: From b95b05c54b84422e923d1865b3760d68664c3cae Mon Sep 17 00:00:00 2001 From: Jacob Weinstock Date: Thu, 10 Jul 2025 10:08:20 -0600 Subject: [PATCH 03/14] Update the Tootles port: The Tootles port in the Tinkerbell Helm chart now has a default port of 7172. Signed-off-by: Jacob Weinstock --- capt/templates/kustomization-iso.tmpl | 8 ++++---- capt/templates/kustomization-netboot.tmpl | 4 ++-- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/capt/templates/kustomization-iso.tmpl b/capt/templates/kustomization-iso.tmpl index 0ad1556e..8054f525 100644 --- a/capt/templates/kustomization-iso.tmpl +++ b/capt/templates/kustomization-iso.tmpl @@ -15,7 +15,7 @@ patches: value: bootOptions: bootMode: isoboot - isoURL: "http://$TINKERBELL_VIP:7171/iso/:macAddress/hook.iso" + isoURL: "http://$TINKERBELL_VIP:7171/iso/hook.iso" hardwareAffinity: required: - labelSelector: @@ -54,7 +54,7 @@ patches: CONTENTS: | datasource: Ec2: - metadata_urls: ["http://$TINKERBELL_VIP:50061"] + metadata_urls: ["http://$TINKERBELL_VIP:7172"] strict_id: false system_info: default_user: @@ -138,7 +138,7 @@ patches: value: bootOptions: bootMode: isoboot - isoURL: "http://$TINKERBELL_VIP:7171/iso/:macAddress/hook.iso" + isoURL: "http://$TINKERBELL_VIP:7171/iso/hook.iso" hardwareAffinity: required: - labelSelector: @@ -177,7 +177,7 @@ patches: CONTENTS: | datasource: Ec2: - metadata_urls: ["http://$TINKERBELL_VIP:50061"] + metadata_urls: ["http://$TINKERBELL_VIP:7172"] strict_id: false system_info: default_user: diff --git a/capt/templates/kustomization-netboot.tmpl b/capt/templates/kustomization-netboot.tmpl index ac3429da..ff05fb45 100644 
--- a/capt/templates/kustomization-netboot.tmpl +++ b/capt/templates/kustomization-netboot.tmpl @@ -53,7 +53,7 @@ patches: CONTENTS: | datasource: Ec2: - metadata_urls: ["http://$TINKERBELL_VIP:50061"] + metadata_urls: ["http://$TINKERBELL_VIP:7172"] strict_id: false system_info: default_user: @@ -137,7 +137,7 @@ patches: CONTENTS: | datasource: Ec2: - metadata_urls: ["http://$TINKERBELL_VIP:50061"] + metadata_urls: ["http://$TINKERBELL_VIP:7172"] strict_id: false system_info: default_user: From d9b576eae0e0bbc9a3de0dcf0b972b0f5d63dcbc Mon Sep 17 00:00:00 2001 From: Jacob Weinstock Date: Thu, 10 Jul 2025 11:09:07 -0600 Subject: [PATCH 04/14] Plum through extraVars to the helm chart: This allows adding arbitrary --set values to the helm chart install. Also, update the chart name and namespace to be Tinkerbell. Signed-off-by: Jacob Weinstock --- capt/config.yaml | 10 +++++++--- capt/scripts/generate_state.sh | 35 ++++++++++++++++++++++----------- capt/tasks/Taskfile-create.yaml | 14 +++++++------ 3 files changed, 38 insertions(+), 21 deletions(-) diff --git a/capt/config.yaml b/capt/config.yaml index 0edf9457..5edb1f9f 100644 --- a/capt/config.yaml +++ b/capt/config.yaml @@ -1,14 +1,14 @@ --- clusterName: "capt-playground" outputDir: "output" -namespace: "tink" +namespace: "tinkerbell" counts: controlPlanes: 1 workers: 1 spares: 1 versions: capt: v0.6.5 - chart: v0.18.1 + chart: v0.19.0 kube: v1.29.4 os: 20.04 kubevip: 0.9.1 
@@ -17,7 +17,11 @@ capt: #providerRepository: "/home/tink/repos/tinkerbell/cluster-api-provider-tinkerbell/out/release/infrastructure-tinkerbell" chart: location: "oci://ghcr.io/tinkerbell/charts/tinkerbell" - #location: "/home/tink/repos/tinkerbell/charts/tinkerbell/stack" + #location: "/home/tink/repos/tinkerbell/tinkerbell/helm/tinkerbell" + extraVars: + #- deployment.image=your.registry.com/tinkerbell/tinkerbell + #- deployment.imageTag=v0.19.1 + #- deployment.agentImageTag=latest os: registry: ghcr.io/tinkerbell/cluster-api-provider-tinkerbell distro: ubuntu diff --git a/capt/scripts/generate_state.sh b/capt/scripts/generate_state.sh index 52bd3982..0f5cd697 100755 --- a/capt/scripts/generate_state.sh +++ b/capt/scripts/generate_state.sh @@ -5,22 +5,31 @@ cat </dev/null --- clusterName: "capt-playground" -outputDir: "/home/tink/repos/tinkerbell/cluster-api-provider-tinkerbell/playground/output" +outputDir: "/home/tink/repos/tinkerbell/playground/capt/output" namespace: "tink" counts: controlPlanes: 1 workers: 1 spares: 1 versions: - capt: 0.5.3 - chart: 0.5.0 - kube: v1.28.8 - os: 22.04 + capt: v0.6.5 + chart: v0.19.0 + kube: v1.29.4 + os: 20.04 + kubevip: 0.9.1 +capt: + providerRepository: "https://github.com/tinkerbell/cluster-api-provider-tinkerbell/releases" +chart: + location: "oci://ghcr.io/tinkerbell/charts/tinkerbell" + extraVars: + - deployment.image=custom.registry/tinkerbell/tinkerbell + - deployment.imageTag=v0.19.1 + - deployment.agentImageTag=latest os: - registry: reg.weinstocklabs.com/tinkerbell/cluster-api-provider-tinkerbell + registry: ghcr.io/tinkerbell/cluster-api-provider-tinkerbell distro: ubuntu - sshKey: "" - version: "2204" + sshKey: "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIH9a2GwjgVfnpjOvIqNuJTwazS3tqJ9xzcepXzKMccVf capt-playground" + version: "2004" vm: baseName: "node" cpusPerVM: 2 
@@ -51,16 +60,17 @@ vm: gateway: 172.18.0.1 virtualBMC: containerName: "virtualbmc" - image: ghcr.io/jacobweinstock/virtualbmc + image: ghcr.io/jacobweinstock/virtualbmc:latest user: "root" pass: "calvin" ip: 172.18.0.3 +bootMode: netboot totalNodes: 3 kind: - kubeconfig: /home/tink/repos/tinkerbell/cluster-api-provider-tinkerbell/playground/output/kind.kubeconfig + kubeconfig: /home/tink/repos/tinkerbell/playground/capt/output/kind.kubeconfig gatewayIP: 172.18.0.1 nodeIPBase: 172.18.10.20 - bridgeName: br-d086780dac6b + bridgeName: br-3d1549d4f99f tinkerbell: vip: 172.18.10.74 hookosVip: 172.18.10.73 @@ -68,7 +78,6 @@ cluster: controlPlane: vip: 172.18.10.75 podCIDR: 172.100.0.0/16 -bootMode: netboot EOF set -euo pipefail @@ -145,6 +154,8 @@ function main() { exit 1 fi yq e -i ".os.sshKey = \"$ssh_key\"" "$state_file" + # populate the config file with the generated SSH key + # so that we don't re-generate it every time yq e -i ".os.sshKey = \"$ssh_key\"" "$config_file" fi } diff --git a/capt/tasks/Taskfile-create.yaml b/capt/tasks/Taskfile-create.yaml index 51854c71..b70c2957 100644 --- a/capt/tasks/Taskfile-create.yaml +++ b/capt/tasks/Taskfile-create.yaml 
@@ -115,21 +115,23 @@ tasks: sh: yq eval '.namespace' {{.STATE_FILE_FQ_PATH}} LOCATION: sh: yq eval '.chart.location' {{.STATE_FILE_FQ_PATH}} - CHART_NAME: tink-stack + CHART_NAME: tinkerbell BOOTMODE: sh: yq eval '.bootMode' {{.STATE_FILE_FQ_PATH}} GLOBAL_VARS: - trustedProxies={"{{.TRUSTED_PROXIES}}"} - publicIP={{.LB_IP}} - - artifactsFileServer=http://{{.LB_IP2}}:8080 + - artifactsFileServer=http://{{.LB_IP2}}:7173 ISO_VARS: - deployment.envs.smee.dhcpEnabled=false - - hookos.extension=both - - deployment.envs.smee.isoUpstreamURL=http://{{.LB_IP2}}:8080/hook-latest-lts-x86_64-efi-initrd.iso + - optional.hookos.extension=both + - deployment.envs.smee.isoUpstreamURL=http://{{.LB_IP2}}:7173/hook-latest-lts-x86_64-efi-initrd.iso + EXTRA_VARS: + sh: yq eval '.chart.extraVars | .[]' {{.STATE_FILE_FQ_PATH}} | xargs cmds: - - KUBECONFIG="{{.KUBECONFIG}}" helm install {{.CHART_NAME}} {{.LOCATION}} --version "{{.STACK_CHART_VERSION}}" --create-namespace --namespace {{.NAMESPACE}} --wait {{range .GLOBAL_VARS}}--set "{{.}}" {{end}} {{- if eq .BOOTMODE "isoboot" }} {{- range .ISO_VARS }}--set "{{.}}" {{end}} {{end}} + - KUBECONFIG="{{.KUBECONFIG}}" helm upgrade --install {{.CHART_NAME}} {{.LOCATION}} --version "{{.STACK_CHART_VERSION}}" --create-namespace --namespace {{.NAMESPACE}} --wait {{range .GLOBAL_VARS}}--set "{{.}}" {{end}} {{- if eq .BOOTMODE "isoboot" }} {{- range .ISO_VARS }}--set "{{.}}" {{ end }} {{ end }} {{- if .EXTRA_VARS }} {{- range (splitList " " .EXTRA_VARS ) }}--set "{{.}}" {{ end }} {{ end }} status: - - KUBECONFIG="{{.KUBECONFIG}}" helm list -n {{.NAMESPACE}} | grep -q {{.CHART_NAME}} + - helm_status=$(KUBECONFIG="{{.KUBECONFIG}}" helm status -n {{.NAMESPACE}} {{.CHART_NAME}} -o yaml | yq .info.status); [[ "$helm_status" == "deployed" ]] vms: run: once From 958ba0353b203ff0c6381c2beb30d9b62d88952e Mon Sep 17 00:00:00 2001 
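Review bot: Each `chart.extraVars` entry reaches the `helm upgrade --install` command line unescaped as `--set "{{.}}"`, after being flattened by `| xargs` and re-split with `splitList " "`. An entry containing a space is therefore split into several `--set` arguments, and one containing a double quote, a backtick or `$(…)` is interpreted by the shell instead of being passed to Helm. config.yaml is operator-controlled, so this is a robustness and hygiene issue more than an exposure. It still deserves a comment above `EXTRA_VARS`, for example `# entries must be key=value with no spaces or shell metacharacters; they are passed to the shell unescaped`, or the overrides could move to a values file passed with `--values`. The same task body is added again in capt/tasks/Taskfile-capi-pivot.yaml later in this series and behaves the same way.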
From: Jacob Weinstock Date: Thu, 10 Jul 2025 11:29:05 -0600 Subject: [PATCH 05/14] fix shfmt issues: I'm exactly sure what shfmt wanted but ran shfmt -w to get the updated formatting. Signed-off-by: Jacob Weinstock --- capt/scripts/generate_state.sh | 38 +++++++++++++++++----------------- 1 file changed, 19 insertions(+), 19 deletions(-) diff --git a/capt/scripts/generate_state.sh b/capt/scripts/generate_state.sh index 0f5cd697..28e96663 100755 --- a/capt/scripts/generate_state.sh +++ b/capt/scripts/generate_state.sh 
@@ -139,25 +139,25 @@ function main() { os_version=$(echo "$os_version" | tr -d '.') yq e -i '.os.version = "'$os_version'"' "$state_file" - # if the sshKey is not set, generate a default one - ssh_key=$(yq eval '.os.sshKey' "$config_file") - if [[ -z $ssh_key ]]; then - rm -rf "$output_dir"/capt-ssh-key* >>"$output_dir"/error.log 2>&1 - ssh-keygen -t ed25519 -f "$output_dir"/capt-ssh-key -N "" -C "capt-playground" >>"$output_dir"/error.log 2>&1 - if [[ $? -ne 0 ]]; then - echo "Error generating SSH key. Check error.log for details." >>"$output_dir"/error.log 2>&1 - exit 1 - fi - ssh_key=$(cat "$output_dir/capt-ssh-key.pub"| tr -d '\n') - if [[ -z $ssh_key ]]; then - echo "Error reading SSH key from $output_dir/capt-ssh-key.pub" >>"$output_dir"/error.log 2>&1 - exit 1 - fi - yq e -i ".os.sshKey = \"$ssh_key\"" "$state_file" - # populate the config file with the generated SSH key - # so that we don't re-generate it every time - yq e -i ".os.sshKey = \"$ssh_key\"" "$config_file" - fi + # if the sshKey is not set, generate a default one + ssh_key=$(yq eval '.os.sshKey' "$config_file") + if [[ -z $ssh_key ]]; then + rm -rf "$output_dir"/capt-ssh-key* >>"$output_dir"/error.log 2>&1 + ssh-keygen -t ed25519 -f "$output_dir"/capt-ssh-key -N "" -C "capt-playground" >>"$output_dir"/error.log 2>&1 + if [[ $? -ne 0 ]]; then + echo "Error generating SSH key. Check error.log for details." >>"$output_dir"/error.log 2>&1 + exit 1 + fi + ssh_key=$(cat "$output_dir/capt-ssh-key.pub" | tr -d '\n') + if [[ -z $ssh_key ]]; then + echo "Error reading SSH key from $output_dir/capt-ssh-key.pub" >>"$output_dir"/error.log 2>&1 + exit 1 + fi + yq e -i ".os.sshKey = \"$ssh_key\"" "$state_file" + # populate the config file with the generated SSH key + # so that we don't re-generate it every time + yq e -i ".os.sshKey = \"$ssh_key\"" "$config_file" + fi } main "$@" From 9d6fb2dfbee6d3dae517c5d2962074a0542be197 Mon Sep 17 00:00:00 2001 
From: Jacob Weinstock Date: Wed, 30 Jul 2025 09:09:47 -0600 Subject: [PATCH 06/14] Update to latest waitdaemon: Signed-off-by: Jacob Weinstock --- capt/templates/kustomization-iso.tmpl | 4 ++-- capt/templates/kustomization-netboot.tmpl | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/capt/templates/kustomization-iso.tmpl b/capt/templates/kustomization-iso.tmpl index 8054f525..88e354a2 100644 --- a/capt/templates/kustomization-iso.tmpl +++ b/capt/templates/kustomization-iso.tmpl @@ -117,7 +117,7 @@ patches: CONTENTS: | datasource: Ec2 - name: "kexec image" - image: ghcr.io/jacobweinstock/waitdaemon:0.2.1 + image: ghcr.io/jacobweinstock/waitdaemon:0.2.2 timeout: 90 pid: host environment: @@ -240,7 +240,7 @@ patches: CONTENTS: | datasource: Ec2 - name: "kexec image" - image: ghcr.io/jacobweinstock/waitdaemon:0.2.1 + image: ghcr.io/jacobweinstock/waitdaemon:0.2.2 timeout: 90 pid: host environment: diff --git a/capt/templates/kustomization-netboot.tmpl b/capt/templates/kustomization-netboot.tmpl index ff05fb45..44b88dc9 100644 --- a/capt/templates/kustomization-netboot.tmpl +++ b/capt/templates/kustomization-netboot.tmpl @@ -78,7 +78,7 @@ patches: CONTENTS: | datasource: Ec2 - name: "kexec image" - image: ghcr.io/jacobweinstock/waitdaemon:0.2.1 + image: ghcr.io/jacobweinstock/waitdaemon:0.2.2 timeout: 90 pid: host environment: @@ -162,7 +162,7 @@ patches: CONTENTS: | datasource: Ec2 - name: "kexec image" - image: ghcr.io/jacobweinstock/waitdaemon:0.2.1 + image: ghcr.io/jacobweinstock/waitdaemon:0.2.2 timeout: 90 pid: host environment: From b051b1b84bea39a7ce77457cb971b8b52db5fc8a Mon Sep 17 00:00:00 2001 From: Jacob Weinstock Date: Wed, 30 Jul 2025 09:11:40 -0600 Subject: [PATCH 07/14] Add CAPI labels: This enables the BMC secret to get moved by the `clusterctl move` command. Signed-off-by: Jacob Weinstock --- capt/templates/bmc-secret.tmpl | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) 
diff --git a/capt/templates/bmc-secret.tmpl b/capt/templates/bmc-secret.tmpl index 35fa3e9c..85b62c78 100644 --- a/capt/templates/bmc-secret.tmpl +++ b/capt/templates/bmc-secret.tmpl @@ -1,9 +1,12 @@ apiVersion: v1 -data: - password: $BMC_PASS_BASE64 - username: $BMC_USER_BASE64 kind: Secret metadata: name: bmc-creds namespace: $NAMESPACE -type: kubernetes.io/basic-auth \ No newline at end of file + labels: + clusterctl.cluster.x-k8s.io/move: "" + clusterctl.cluster.x-k8s.io: "" +data: + password: $BMC_PASS_BASE64 + username: $BMC_USER_BASE64 +type: kubernetes.io/basic-auth From 6cc90344d839d0427d800f5e8d217984ab4609e9 Mon Sep 17 00:00:00 2001 From: Jacob Weinstock Date: Wed, 30 Jul 2025 09:24:53 -0600 Subject: [PATCH 08/14] Add tasks to handle a CAPI move: This enables testing another key part of CAPT. Signed-off-by: Jacob Weinstock --- capt/Taskfile.yaml | 18 +++- capt/tasks/Taskfile-capi-pivot.yaml | 135 ++++++++++++++++++++++++++++ 2 files changed, 149 insertions(+), 4 deletions(-) create mode 100644 capt/tasks/Taskfile-capi-pivot.yaml diff --git a/capt/Taskfile.yaml b/capt/Taskfile.yaml index 718115d7..af0aa92b 100644 --- a/capt/Taskfile.yaml +++ b/capt/Taskfile.yaml @@ -5,6 +5,7 @@ includes: delete: ./tasks/Taskfile-delete.yaml vbmc: ./tasks/Taskfile-vbmc.yaml capi: ./tasks/Taskfile-capi.yaml + capi-pivot: ./tasks/Taskfile-capi-pivot.yaml vars: OUTPUT_DIR: @@ -14,6 +15,8 @@ vars: STATE_FILE: ".state" STATE_FILE_FQ_PATH: sh: echo {{joinPath .CURR_DIR .STATE_FILE}} + CONFIG_FILE_FQ_PATH: + sh: echo {{joinPath .CURR_DIR "config.yaml"}} tasks: create-playground: 
@@ -112,16 +115,23 @@ tasks: echo echo echo 2. Watch and wait for the Kubernetes API server to be ready and responding: - echo "until KUBECONFIG={{.OUTPUT_DIR}}/{{.CLUSTER_NAME}}.kubeconfig kubectl get node; do echo 'Waiting for Kube API server to respond...'; sleep 5; done" + echo "until KUBECONFIG={{CURR_DIR}}/{{.OUTPUT_DIR}}/{{.CLUSTER_NAME}}.kubeconfig kubectl get node; do echo 'Waiting for Kube API server to respond...'; sleep 5; done" echo echo 3. Deploy a CNI echo Cilium - echo "KUBECONFIG={{.OUTPUT_DIR}}/{{.CLUSTER_NAME}}.kubeconfig cilium install" + echo "KUBECONFIG={{CURR_DIR}}/{{.OUTPUT_DIR}}/{{.CLUSTER_NAME}}.kubeconfig cilium install" echo or KUBEROUTER - echo "KUBECONFIG={{.OUTPUT_DIR}}/{{.CLUSTER_NAME}}.kubeconfig kubectl apply -f https://raw.githubusercontent.com/cloudnativelabs/kube-router/master/daemonset/kubeadm-kuberouter.yaml" + echo "KUBECONFIG={{CURR_DIR}}/{{.OUTPUT_DIR}}/{{.CLUSTER_NAME}}.kubeconfig kubectl apply -f https://raw.githubusercontent.com/cloudnativelabs/kube-router/master/daemonset/kubeadm-kuberouter.yaml" echo echo 4. Watch and wait for all nodes to join the cluster and be ready: - echo "KUBECONFIG={{.OUTPUT_DIR}}/{{.CLUSTER_NAME}}.kubeconfig kubectl get nodes -w" + echo "KUBECONFIG={{CURR_DIR}}/{{.OUTPUT_DIR}}/{{.CLUSTER_NAME}}.kubeconfig kubectl get nodes -w" - touch {{.OUTPUT_DIR}}/.next-steps-displayed status: - echo ;[ -f {{.OUTPUT_DIR}}/.next-steps-displayed ] + + pivot: + silent: true + summary: | + Pivot the workload cluster to the permanent management cluster. + cmds: + - task: capi-pivot:ordered diff --git a/capt/tasks/Taskfile-capi-pivot.yaml b/capt/tasks/Taskfile-capi-pivot.yaml new file mode 100644 index 00000000..ebf924bb --- /dev/null +++ b/capt/tasks/Taskfile-capi-pivot.yaml 
@@ -0,0 +1,135 @@ +version: "3" + +includes: + delete: ./Taskfile-delete.yaml + +vars: + OUTPUT_DIR: + sh: yq eval '.outputDir' config.yaml + CURR_DIR: + sh: pwd + STATE_FILE: ".state" + STATE_FILE_FQ_PATH: + sh: echo {{joinPath .CURR_DIR .STATE_FILE}} + CONFIG_FILE_FQ_PATH: + sh: echo {{joinPath .CURR_DIR "config.yaml"}} + CLUSTER_NAME: + sh: yq eval '.clusterName' config.yaml + MGMT_KUBECONFIG: + sh: echo {{list .CLUSTER_NAME "kubeconfig" | join "." | joinPath .CURR_DIR .OUTPUT_DIR}} + KIND_KUBECONFIG: + sh: echo {{ joinPath .CURR_DIR .OUTPUT_DIR "kind.kubeconfig"}} + +tasks: + ordered: + summary: | + CAPI pivot tasks run in order of dependency. + vars: + KUBECONFIG: "{{.MGMT_KUBECONFIG}}" + cmds: + - task: deploy-tinkerbell-helm-chart + - task: init + - task: pivot + - task: remove-kind-cluster + + deploy-tinkerbell-helm-chart: + run: once + summary: | + Deploy the Tinkerbell Helm chart. + vars: + KUBECONFIG: "{{.MGMT_KUBECONFIG}}" + LB_IP: + sh: yq eval '.tinkerbell.vip' {{.STATE_FILE_FQ_PATH}} + LB_IP2: + sh: yq eval '.tinkerbell.hookosVip' {{.STATE_FILE_FQ_PATH}} + TRUSTED_PROXIES: + sh: KUBECONFIG={{.KUBECONFIG}} kubectl get nodes -o jsonpath='{.items[*].spec.podCIDR}' | tr ' ' ',' + STACK_CHART_VERSION: + sh: yq eval '.versions.chart' {{.STATE_FILE_FQ_PATH}} + NAMESPACE: + sh: yq eval '.namespace' {{.STATE_FILE_FQ_PATH}} + LOCATION: + sh: yq eval '.chart.location' {{.STATE_FILE_FQ_PATH}} + CHART_NAME: tinkerbell + BOOTMODE: + sh: yq eval '.bootMode' {{.STATE_FILE_FQ_PATH}} + GLOBAL_VARS: + - trustedProxies={"{{.TRUSTED_PROXIES}}"} + - publicIP={{.LB_IP}} + - artifactsFileServer=http://{{.LB_IP2}}:7173 + ISO_VARS: + - deployment.envs.smee.dhcpEnabled=false + - deployment.envs.smee.isoUpstreamURL=http://{{.LB_IP2}}:7173/hook-latest-lts-x86_64-efi-initrd.iso + - optional.hookos.extension=both + EXTRA_VARS: + sh: yq eval '.chart.extraVars | .[]' {{.STATE_FILE_FQ_PATH}} | xargs + cmds: + - KUBECONFIG="{{.MGMT_KUBECONFIG}}" helm upgrade --install {{.CHART_NAME}} 
{{.LOCATION}} --version "{{.STACK_CHART_VERSION}}" --create-namespace --namespace {{.NAMESPACE}} --wait {{range .GLOBAL_VARS}}--set "{{.}}" {{end}} {{- if eq .BOOTMODE "isoboot" }} {{- range .ISO_VARS }}--set "{{.}}" {{ end }} {{ end }} {{- if .EXTRA_VARS }} {{- range (splitList " " .EXTRA_VARS ) }}--set "{{.}}" {{ end }} {{ end }} + status: + - helm_status=$(KUBECONFIG="{{.KUBECONFIG}}" helm status -n {{.NAMESPACE}} {{.CHART_NAME}} -o yaml | yq .info.status); [[ "$helm_status" == "deployed" ]] + + init: + run: once + deps: [deploy-tinkerbell-helm-chart] + summary: | + Initialize the cluster. + env: + TINKERBELL_IP: + sh: yq eval '.tinkerbell.vip' {{.STATE_FILE_FQ_PATH}} + CLUSTERCTL_DISABLE_VERSIONCHECK: true + XDG_CONFIG_HOME: "{{.OUTPUT_DIR}}/xdg" + XDG_CONFIG_DIRS: "{{.OUTPUT_DIR}}/xdg" + XDG_STATE_HOME: "{{.OUTPUT_DIR}}/xdg" + XDG_CACHE_HOME: "{{.OUTPUT_DIR}}/xdg" + XDG_RUNTIME_DIR: "{{.OUTPUT_DIR}}/xdg" + XDG_DATA_HOME: "{{.OUTPUT_DIR}}/xdg" + XDG_DATA_DIRS: "{{.OUTPUT_DIR}}/xdg" + vars: + OUTPUT_DIR: + sh: echo $(yq eval '.outputDir' config.yaml) + KIND_GATEWAY_IP: + sh: yq eval '.kind.gatewayIP' {{.STATE_FILE_FQ_PATH}} + KUBECONFIG: "{{.MGMT_KUBECONFIG}}" + cmds: + - KUBECONFIG="{{.KUBECONFIG}}" clusterctl --config {{.OUTPUT_DIR}}/clusterctl.yaml init --infrastructure tinkerbell + status: + - expected=1; got=$(KUBECONFIG="{{.KUBECONFIG}}" kubectl get pods -n capt-system |grep -ce "capt-controller"); [[ "$got" == "$expected" ]] + + pivot: + run: once + deps: [init] + summary: | + Pivot the workload cluster (the initial mgmt cluster) to the permanent management cluster. 
+ env: + CLUSTERCTL_DISABLE_VERSIONCHECK: true + XDG_CONFIG_HOME: "{{.OUTPUT_DIR}}/xdg" + XDG_CONFIG_DIRS: "{{.OUTPUT_DIR}}/xdg" + XDG_STATE_HOME: "{{.OUTPUT_DIR}}/xdg" + XDG_CACHE_HOME: "{{.OUTPUT_DIR}}/xdg" + XDG_RUNTIME_DIR: "{{.OUTPUT_DIR}}/xdg" + XDG_DATA_HOME: "{{.OUTPUT_DIR}}/xdg" + XDG_DATA_DIRS: "{{.OUTPUT_DIR}}/xdg" + vars: + OUTPUT_DIR: + sh: echo $(yq eval '.outputDir' config.yaml) + NAMESPACE: + sh: yq eval '.namespace' {{.STATE_FILE_FQ_PATH}} + cmds: + - KUBECONFIG="{{.KIND_KUBECONFIG}}" clusterctl move --to-kubeconfig="{{.MGMT_KUBECONFIG}}" --config {{.OUTPUT_DIR}}/clusterctl.yaml --kubeconfig "{{.KIND_KUBECONFIG}}" -n {{.NAMESPACE}} + status: + - expected=1; result=$(KUBECONFIG="{{.KIND_KUBECONFIG}}" kubectl get hw,machine.bmc -A | grep -i -e "hardware" -e "machine" && echo $? || echo $?); [[ "$result" == "$expected" ]] + - KUBECONFIG="{{.MGMT_KUBECONFIG}}" kubectl get hw,machine.bmc -A | grep -i -e "hardware" -e "machine" + + prompt-remove-kind-cluster: + deps: [pivot] + prompt: Should the KinD cluster be deleted? Press `y` to delete the KinD cluster. Press `n` to exit. + cmds: + - echo 'Deleting the KinD cluster...' + + remove-kind-cluster: + run: once + deps: [prompt-remove-kind-cluster] + summary: | + Remove the kind cluster. + cmds: + - task: delete:kind-cluster \ No newline at end of file From e3a5492a56c48ccbe94436f1315700b918239091 Mon Sep 17 00:00:00 2001 From: Jacob Weinstock Date: Wed, 30 Jul 2025 09:51:29 -0600 Subject: [PATCH 09/14] Update versions in config.yaml: Signed-off-by: Jacob Weinstock --- capt/config.yaml | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/capt/config.yaml b/capt/config.yaml index 5edb1f9f..e64ecb9f 100644 --- a/capt/config.yaml +++ b/capt/config.yaml @@ -8,8 +8,8 @@ counts: spares: 1 versions: capt: v0.6.5 - chart: v0.19.0 - kube: v1.29.4 + chart: v0.19.2 + kube: v1.31.3 os: 20.04 kubevip: 0.9.1 capt: 
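Review bot: The first `status` command of the `pivot` task cannot tell an emptied kind cluster from an unreachable one: when `kubectl get hw,machine.bmc -A` fails, `grep` receives no input, `result` becomes `1` and the check passes exactly as it does after a completed move, leaving the second check to decide alone. Because `ordered` then continues to `remove-kind-cluster`, a kubectl error should fail the check instead, for example `- out=$(KUBECONFIG="{{.KIND_KUBECONFIG}}" kubectl get hw,machine.bmc -A) && ! echo "$out" | grep -qi -e "hardware" -e "machine"`. Separately, `KIND_GATEWAY_IP` in `init` is not referenced by the commands shown and could be dropped.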
@@ -19,9 +19,6 @@ chart: location: "oci://ghcr.io/tinkerbell/charts/tinkerbell" #location: "/home/tink/repos/tinkerbell/tinkerbell/helm/tinkerbell" extraVars: - #- deployment.image=your.registry.com/tinkerbell/tinkerbell - #- deployment.imageTag=v0.19.1 - #- deployment.agentImageTag=latest os: registry: ghcr.io/tinkerbell/cluster-api-provider-tinkerbell distro: ubuntu From 9e4534c0e870ccec0b82f90725c475fc7f4a8599 Mon Sep 17 00:00:00 2001 From: Jacob Weinstock Date: Wed, 30 Jul 2025 09:52:26 -0600 Subject: [PATCH 10/14] Update auto ssh-key generation and deletion: Don't update the config.yaml. Signed-off-by: Jacob Weinstock --- capt/scripts/generate_state.sh | 7 ++++--- capt/tasks/Taskfile-delete.yaml | 12 ++++++++++++ 2 files changed, 16 insertions(+), 3 deletions(-) diff --git a/capt/scripts/generate_state.sh b/capt/scripts/generate_state.sh index 28e96663..8897bb11 100755 --- a/capt/scripts/generate_state.sh +++ b/capt/scripts/generate_state.sh @@ -29,6 +29,7 @@ os: registry: ghcr.io/tinkerbell/cluster-api-provider-tinkerbell distro: ubuntu sshKey: "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIH9a2GwjgVfnpjOvIqNuJTwazS3tqJ9xzcepXzKMccVf capt-playground" + sshKeyAutoGenerated: true version: "2004" vm: baseName: "node" @@ -154,9 +155,9 @@ function main() { exit 1 fi yq e -i ".os.sshKey = \"$ssh_key\"" "$state_file" - # populate the config file with the generated SSH key - # so that we don't re-generate it every time - yq e -i ".os.sshKey = \"$ssh_key\"" "$config_file" + yq e -i ".os.sshKeyAutoGenerated = true" "$state_file" + else + yq e -i ".os.sshKeyAutoGenerated = false" "$state_file" fi } diff --git a/capt/tasks/Taskfile-delete.yaml b/capt/tasks/Taskfile-delete.yaml index 4699003d..b72cb539 100644 --- a/capt/tasks/Taskfile-delete.yaml +++ b/capt/tasks/Taskfile-delete.yaml @@ -11,6 +11,7 @@ tasks: - task: vms - task: default-storage-pool - task: output-dir + - task: remove-auto-generated-ssh-key kind-cluster: summary: | 
@@ -77,3 +78,14 @@ tasks: - rm -rf {{.OUTPUT_DIR}} status: - echo ;[ ! -d {{.OUTPUT_DIR}} ] + + remove-auto-generated-ssh-key: + summary: | + Remove the auto generated ssh key from the .state file. + cmds: + - yq e -i '.os.sshKey = ""' {{.STATE_FILE_FQ_PATH}} + - yq e -i '.os.sshKeyAutoGenerated = false' {{.STATE_FILE_FQ_PATH}} + status: + #- key=$(yq eval '.os.sshKey' {{.CONFIG_FILE_FQ_PATH}}); [[ "$key" != "" ]] + - v=$(yq eval '.os.sshKey' {{.CONFIG_FILE_FQ_PATH}}); [[ "$v" != "" ]] || [[ "$(yq eval '.os.sshKey' {{.STATE_FILE_FQ_PATH}})" == "" ]] + From e6fe8b5f1bc696f866648193ec4d024547b561fd Mon Sep 17 00:00:00 2001 From: Jacob Weinstock Date: Wed, 30 Jul 2025 09:53:10 -0600 Subject: [PATCH 11/14] Handle trusted proxies properly: When multiple cidrs are defined they need to be comma delimited. Signed-off-by: Jacob Weinstock --- capt/tasks/Taskfile-create.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/capt/tasks/Taskfile-create.yaml b/capt/tasks/Taskfile-create.yaml index b70c2957..e813d7a5 100644 --- a/capt/tasks/Taskfile-create.yaml +++ b/capt/tasks/Taskfile-create.yaml @@ -108,7 +108,7 @@ tasks: LB_IP2: sh: yq eval '.tinkerbell.hookosVip' {{.STATE_FILE_FQ_PATH}} TRUSTED_PROXIES: - sh: KUBECONFIG={{.KUBECONFIG}} kubectl get nodes -o jsonpath='{.items[*].spec.podCIDR}' + sh: KUBECONFIG={{.KUBECONFIG}} kubectl get nodes -o jsonpath='{.items[*].spec.podCIDR}' | tr ' ' ',' STACK_CHART_VERSION: sh: yq eval '.versions.chart' {{.STATE_FILE_FQ_PATH}} NAMESPACE: @@ -124,8 +124,8 @@ tasks: - artifactsFileServer=http://{{.LB_IP2}}:7173 ISO_VARS: - deployment.envs.smee.dhcpEnabled=false - - optional.hookos.extension=both - deployment.envs.smee.isoUpstreamURL=http://{{.LB_IP2}}:7173/hook-latest-lts-x86_64-efi-initrd.iso + - optional.hookos.extension=both EXTRA_VARS: sh: yq eval '.chart.extraVars | .[]' {{.STATE_FILE_FQ_PATH}} | xargs cmds: From f52d86fbfa8811aceba7a17f67593ffa3654e530 Mon Sep 17 00:00:00 2001 
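Review bot: The `status` check of `remove-auto-generated-ssh-key` never reads the `.os.sshKeyAutoGenerated` flag that generate_state.sh now writes; it infers provenance from whether config.yaml has a non-empty `.os.sshKey`. yq prints `null` for an absent or null key, so in that case `[[ "$v" != "" ]]` succeeds, the task is treated as up to date, and the generated key stays in the state file. Gating on the flag is more direct, for example `- '[[ "$(yq eval ".os.sshKeyAutoGenerated" {{.STATE_FILE_FQ_PATH}})" != "true" ]]'`. The task clears only the public key from the state file; where the matching private key lives and whether it is removed is not visible in this hunk.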
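Review bot: In the `@@ -108,7 +108,7 @@` hunk of Taskfile-create.yaml, the added `| tr ' ' ','` makes the `sh:` pipeline report `tr`'s exit status. A failing `kubectl get nodes` then yields an empty `TRUSTED_PROXIES` instead of stopping the task, unless `pipefail` is enabled somewhere outside this hunk. Prefixing the command with `set -o pipefail;` keeps the failure visible. A comment above the variable would also help, e.g. `# every node's pod CIDR is passed to the chart as a trusted proxy range (comma-delimited)`, because this list presumably decides whose forwarded client-address headers are believed, and the whole pod network is a broad range to trust. The `vars:` block and the place where `TRUSTED_PROXIES` is consumed lie outside the hunk.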
From: Jacob Weinstock Date: Wed, 30 Jul 2025 10:01:40 -0600 Subject: [PATCH 12/14] Fix linting issues Signed-off-by: Jacob Weinstock --- capt/tasks/Taskfile-capi-pivot.yaml | 2 +- capt/tasks/Taskfile-delete.yaml | 2 -- 2 files changed, 1 insertion(+), 3 deletions(-) diff --git a/capt/tasks/Taskfile-capi-pivot.yaml b/capt/tasks/Taskfile-capi-pivot.yaml index ebf924bb..02b05b7b 100644 --- a/capt/tasks/Taskfile-capi-pivot.yaml +++ b/capt/tasks/Taskfile-capi-pivot.yaml @@ -132,4 +132,4 @@ tasks: summary: | Remove the kind cluster. cmds: - - task: delete:kind-cluster \ No newline at end of file + - task: delete:kind-cluster diff --git a/capt/tasks/Taskfile-delete.yaml b/capt/tasks/Taskfile-delete.yaml index b72cb539..cd9acba6 100644 --- a/capt/tasks/Taskfile-delete.yaml +++ b/capt/tasks/Taskfile-delete.yaml @@ -86,6 +86,4 @@ tasks: - yq e -i '.os.sshKey = ""' {{.STATE_FILE_FQ_PATH}} - yq e -i '.os.sshKeyAutoGenerated = false' {{.STATE_FILE_FQ_PATH}} status: - #- key=$(yq eval '.os.sshKey' {{.CONFIG_FILE_FQ_PATH}}); [[ "$key" != "" ]] - v=$(yq eval '.os.sshKey' {{.CONFIG_FILE_FQ_PATH}}); [[ "$v" != "" ]] || [[ "$(yq eval '.os.sshKey' {{.STATE_FILE_FQ_PATH}})" == "" ]] - From 65613ffcb6cc8608e52c1c2c3c9a24ee0026b540 Mon Sep 17 00:00:00 2001 From: Jacob Weinstock Date: Wed, 30 Jul 2025 10:47:02 -0600 Subject: [PATCH 13/14] Fix taskfile template referencing: Signed-off-by: Jacob Weinstock --- capt/Taskfile.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/capt/Taskfile.yaml b/capt/Taskfile.yaml index af0aa92b..af2878b9 100644 --- a/capt/Taskfile.yaml +++ b/capt/Taskfile.yaml 
@@ -115,16 +115,16 @@ tasks: echo echo echo 2. Watch and wait for the Kubernetes API server to be ready and responding: - echo "until KUBECONFIG={{CURR_DIR}}/{{.OUTPUT_DIR}}/{{.CLUSTER_NAME}}.kubeconfig kubectl get node; do echo 'Waiting for Kube API server to respond...'; sleep 5; done" + echo "until KUBECONFIG={{.CURR_DIR}}/{{.OUTPUT_DIR}}/{{.CLUSTER_NAME}}.kubeconfig kubectl get node; do echo 'Waiting for Kube API server to respond...'; sleep 5; done" echo echo 3. Deploy a CNI echo Cilium - echo "KUBECONFIG={{CURR_DIR}}/{{.OUTPUT_DIR}}/{{.CLUSTER_NAME}}.kubeconfig cilium install" + echo "KUBECONFIG={{.CURR_DIR}}/{{.OUTPUT_DIR}}/{{.CLUSTER_NAME}}.kubeconfig cilium install" echo or KUBEROUTER - echo "KUBECONFIG={{CURR_DIR}}/{{.OUTPUT_DIR}}/{{.CLUSTER_NAME}}.kubeconfig kubectl apply -f https://raw.githubusercontent.com/cloudnativelabs/kube-router/master/daemonset/kubeadm-kuberouter.yaml" + echo "KUBECONFIG={{.CURR_DIR}}/{{.OUTPUT_DIR}}/{{.CLUSTER_NAME}}.kubeconfig kubectl apply -f https://raw.githubusercontent.com/cloudnativelabs/kube-router/master/daemonset/kubeadm-kuberouter.yaml" echo echo 4. Watch and wait for all nodes to join the cluster and be ready: - echo "KUBECONFIG={{CURR_DIR}}/{{.OUTPUT_DIR}}/{{.CLUSTER_NAME}}.kubeconfig kubectl get nodes -w" + echo "KUBECONFIG={{.CURR_DIR}}/{{.OUTPUT_DIR}}/{{.CLUSTER_NAME}}.kubeconfig kubectl get nodes -w" - touch {{.OUTPUT_DIR}}/.next-steps-displayed status: - echo ;[ -f {{.OUTPUT_DIR}}/.next-steps-displayed ] From 11f56f3f1bfd6e54dfe0ee9725c3042fbfc81272 Mon Sep 17 00:00:00 2001 From: Jacob Weinstock Date: Tue, 26 Aug 2025 08:54:12 -0600 Subject: [PATCH 14/14] Update to latest helm chart Signed-off-by: Jacob Weinstock --- capt/config.yaml | 4 +++- stack/vagrant/.env | 2 +- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/capt/config.yaml b/capt/config.yaml index e64ecb9f..e6ce8b0a 100644 --- a/capt/config.yaml +++ b/capt/config.yaml 
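Review bot: The kube-router command printed in step 3 points `kubectl apply -f` at a manifest on the mutable `master` branch, so what gets applied to the workload cluster can change without any change in this repository. Since the line is being edited anyway, consider pinning it to a release tag or commit, e.g. `https://raw.githubusercontent.com/cloudnativelabs/kube-router/<PINNED_TAG_OR_SHA>/daemonset/kubeadm-kuberouter.yaml` (placeholder; use the version you test against). The printed `KUBECONFIG={{.CURR_DIR}}/{{.OUTPUT_DIR}}/...` paths are also unquoted and would break if the checkout directory contains spaces. The `cmds` entry this text belongs to starts outside the hunk.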
@@ -8,7 +8,7 @@ counts: spares: 1 versions: capt: v0.6.5 - chart: v0.19.2 + chart: v0.20.1 kube: v1.31.3 os: 20.04 kubevip: 0.9.1 @@ -19,6 +19,8 @@ chart: location: "oci://ghcr.io/tinkerbell/charts/tinkerbell" #location: "/home/tink/repos/tinkerbell/tinkerbell/helm/tinkerbell" extraVars: + # - deployment.imagePullPolicy=Always + - optional.hookos.downloadURL=https://github.com/tinkerbell/hook/releases/download/latest os: registry: ghcr.io/tinkerbell/cluster-api-provider-tinkerbell distro: ubuntu diff --git a/stack/vagrant/.env b/stack/vagrant/.env index 58b1ca47..c3f73dc0 100644 --- a/stack/vagrant/.env +++ b/stack/vagrant/.env @@ -6,7 +6,7 @@ MACHINE1_IP=192.168.56.43 MACHINE1_MAC=08:00:27:9e:f5:3a # https://github.com/tinkerbell/tinkerbell/pkgs/container/charts%2Ftinkerbell -HELM_CHART_VERSION=v0.19.2 +HELM_CHART_VERSION=v0.20.1 KUBECTL_VERSION=1.32.4 K3D_VERSION=v5.8.3 HELM_VERSION=v3.17.0
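Review bot: In the `@@ -19,6 +19,8 @@` hunk of capt/config.yaml, the new `optional.hookos.downloadURL=https://github.com/tinkerbell/hook/releases/download/latest` entry follows a moving `latest` path, while the chart is pinned to `v0.20.1` in the same commit. The HookOS kernel and initramfs that machines boot during provisioning can therefore change between two otherwise identical runs, with no record of which build was used. Consider pinning to a specific release, e.g. `- optional.hookos.downloadURL=https://github.com/tinkerbell/hook/releases/download/<HOOK_RELEASE_TAG>` (placeholder), and bumping it together with the chart version. Whether the chart verifies checksums of the downloaded artifacts is not visible here. A one-line comment above the entry explaining why the chart's default URL is overridden would also help.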